Step 3: Configure DNS

This is the most critical step. You need to configure your DNS so that traffic to your website flows through PowerWAF's network. The process differs depending on the DNS mode you selected during the initial setup.

Full DNS Mode

If you chose Full DNS, the process involves reviewing imported records and changing your domain's nameservers to point to PowerWAF.

3.1 Review Imported DNS Records

After adding your domain, PowerWAF automatically scans and imports your existing DNS records. Navigate to the DNS Manager from the left sidebar.

Once the scan completes, you will see a preview of all imported records:

Review each record carefully:

Type: The DNS record type (A, AAAA, CNAME, MX, TXT, NS).
Name: The subdomain or @ for the root domain.
Value: The target IP address, hostname, or text content.
TTL: Time-to-live in seconds.
Routing: Protected (traffic flows through WAF) or Direct (DNS resolves directly to origin).

warning

Make sure all critical records are present before proceeding. Missing records (especially MX records for email) can cause service interruptions after the nameserver change.

You can add, edit, or delete records at this stage. When everything looks correct, click Continue to proceed to the nameserver change.

3.2 Change Your Nameservers

PowerWAF will display the nameservers you need to configure at your domain registrar.

To change your nameservers:

Log in to your domain registrar (e.g., GoDaddy, Namecheap, Google Domains).
Navigate to the DNS settings or Nameserver configuration for your domain.
Replace the current nameservers with the ones provided by PowerWAF.
Save the changes.

info

The exact steps to change nameservers vary by registrar. Below are general instructions for the most common providers:

GoDaddy: My Domains → DNS → Change Nameservers → Enter Custom Nameservers
Namecheap: Domain List → Manage → Nameservers → Custom DNS
Google Domains: DNS → Custom Name Servers

3.3 Verify DNS Propagation

After changing your nameservers, return to the PowerWAF panel. The system will periodically check whether the nameserver change has propagated.

Propagation times vary:

Fast registrars: 5-30 minutes
Average: 1-4 hours
Maximum: Up to 48 hours (rare)

Once PowerWAF detects the nameserver change, your domain status will change to Active and traffic will begin flowing through the WAF.

tip

You can use tools like dnschecker.org to monitor nameserver propagation globally.

Partial DNS Mode (CNAME)

If you chose Partial DNS, you need to add protected sites and configure CNAME records at your existing DNS provider.

3.1 Add a Protected Site

Navigate to Protected Sites from the left sidebar.
Click Add New Site.

In the modal, enter the site details:

Field	Description	Example
Domain	The full domain or subdomain to protect	`www.example.com`
Origin IP	Your origin server's IP address	`203.0.113.50`
Protocol	HTTP or HTTPS	HTTPS
Port	The origin server port	443

Click Save. PowerWAF will generate a CNAME target for this site.

3.2 Configure the CNAME Record

After adding the site, PowerWAF will display the CNAME record you need to configure at your DNS provider.

Log in to your DNS provider (e.g., Cloudflare, Route 53, your registrar's DNS).
Find the DNS records for your domain.
Add or modify a CNAME record:
- Name/Host: The subdomain (e.g., www)
- Value/Target: The CNAME target provided by PowerWAF (e.g., site-123.powerwaf-cdn.net)
- TTL: 300 seconds (or "Auto")
Save the DNS record.

warning

CNAME records cannot be used on root domains (example.com). They only work on subdomains (www.example.com, app.example.com). If you need to protect your root domain, use Full DNS mode.

3.3 Verify the Configuration

After saving the CNAME record, wait for DNS propagation. You can verify the configuration by running:

dig www.example.com CNAME

The response should show the CNAME target pointing to PowerWAF's network. Once propagated, traffic to that subdomain will flow through the WAF.

Verify That PowerWAF Is Active

Regardless of the DNS mode you selected, you can verify that traffic is flowing through PowerWAF by checking the Dashboard. Within a few minutes of DNS propagation, you should see:

Incoming requests appearing in the throughput chart.
Your domain listed as active in the DNS Manager or Protected Sites.

Next: Step 4: Explore the Dashboard - Understand the dashboard and configure your security rules.

Full DNS Mode​

3.1 Review Imported DNS Records​

3.2 Change Your Nameservers​

3.3 Verify DNS Propagation​

Partial DNS Mode (CNAME)​

3.1 Add a Protected Site​

3.2 Configure the CNAME Record​

3.3 Verify the Configuration​

Verify That PowerWAF Is Active​